Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade of mbed TLS to 2.7.0 (Zephyr) breaks RSA signatures #235

Closed
d3zd3z opened this issue Feb 13, 2018 · 0 comments
Closed

Upgrade of mbed TLS to 2.7.0 (Zephyr) breaks RSA signatures #235

d3zd3z opened this issue Feb 13, 2018 · 0 comments
Assignees
@d3zd3z
Labels
bug

Comments

@d3zd3z
Copy link
Member

d3zd3z commented Feb 13, 2018

Zephyr commit bb72c3d020166c388316c6be7d6584a09782c9d1 changes something about RSA-PSS that keeps signatures from being considered valid.
@d3zd3z d3zd3z added the bug label Feb 13, 2018
@d3zd3z d3zd3z self-assigned this Feb 13, 2018
d3zd3z added a commit to d3zd3z/mcuboot that referenced this issue Feb 13, 2018
@d3zd3z
Fix RSA sigs for mbed TLS 2.7.0
9508a61 
In Mbed-TLS/mbedtls@2f8f06a

    commit 2f8f06aa25e9d5ee4fc9fe217543c872b39e4d05
    Author: Hanno Becker <hanno.becker@arm.com>
    Date:   Fri Sep 29 11:47:26 2017 +0100

        Don't always recompute context length in mbedtls_rsa_get_len

mbed TLS begins assuming that the 'len' field of the context has been
set properly.  Previously, we relied on this not being true, and various
tests fail for all keys without setting this.

The fix is to simply set the length based on the value we read.

fixes mcu-tools#235.

Signed-off-by: David Brown <david.brown@linaro.org>
@d3zd3z d3zd3z closed this as completed in 785dc4c Feb 13, 2018
@SebastianBoe SebastianBoe mentioned this issue Feb 14, 2018
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@d3zd3z d3zd3z

Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@d3zd3z